Database Security and Privacy
Information Systems Engineering.
Institute of Natural and Applied Sciences
Third Cycle (Doctorate Degree)
| Course Unit Title | Course Unit Code | Type of Course Unit | Level of Course Unit | Year of Study | Semester | ECTS Credits |
|---|---|---|---|---|---|---|
| Database Security and Privacy | BTM603 | Elective | Doctorate degree | 1 | Fall | 8 |
Name of Lecturer(s)
Associate Prof. Dr. Serdar SOLAK
Research Assistant M.M. Enes YURTSEVER
Learning Outcomes of the Course Unit
1) Students are able to design and implement access control rules to assign privileges and protect data in databases.
2) Students are able to implement access control rule to secure data stored in databases. They use Oracle and Microsoft SQL server.
3) Students implement Virtual Private Database to protect data in databases.
4) Students implement database auditing.
5) Students learn and practice various access control theories and techniques including mandatory access control, discretionary access control, role?based access control.
Program Competencies-Learning Outcomes Relation
| Program Competencies | ||||||||||||||
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | ||
| Learning Outcomes | ||||||||||||||
| 1 | Middle | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
| 2 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
| 3 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
| 4 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
| 5 | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | |
Mode of Delivery
Face to Face
Prerequisites and Co-Requisites
None
Recommended Optional Programme Components
Advanced Data Analysis Tools and Techniques
Course Contents
Database security has a great impact on the design of today's information systems. This course will provide an overview of database security concepts and techniques and discuss new directions of database security in the context of Internet information management. The topics will cover database application security models, database and data auditing, XML access control, trust management and privacy protection.
Weekly Schedule
1) Course Description and Security Architecture2) Operating System Security Fundamentals
3) Administration of Users, Access Control
4) Privileges, passwords, roles, Access Control Models
5) Discretionary Access Control and Role-based Access Control
6) Mandatory Access Contro
7) Database Application Security Models, SQL injection
8) Midterm exam
9) Database Encryption and Masking
10) Virtual Private Databases
11) Database Auditing Models
12) Application Data Auditing
13) Multilevel Secure Relational Model
14) Watermarking
15) Project Presentations
16) Final exam
Recommended or Required Reading
1- Database Security and Auditing: Protecting Data Integrity and Accessibility, . ISBN: 0?619?21559?3
2- Implementing Database Security and Auditing, Elsevier digital press. ISBN: 1? 55558?334?2.
3- Information Security: An Integrated Collection of Essays, IEEE Computer Society Press
Planned Learning Activities and Teaching Methods
Assessment Methods and Criteria
Language of Instruction
Turkish
Work Placement(s)
Required